lWhena mechanism matches a previously unmatched mechanism,the confidence level increment associated with
that mechanism is added to the current confidence level (the confident level starts at zero).
lThe confidence levelis capped at 100%.
lIf your controllerreboots, your suspected-rogueAPs are not checked against any new rules that were configured
after thereboot .Wit hout this restriction, allt hemechanisms that classified your APs as suspected-roguemay
triggeragain causi ngt he confidence levelto surpasst heir cap of 100%. You can explicitly mark an AP as
“interfering”t o triggerall new rulest o matchagainst it.
Understand ing AP Classification Rules
AP classification rule configuration is performedonly on a master controller.If AMP i s enabledvia the mobility-
managercommand, then processing of the AP classification rules is disabled on the master controller.A ruleis
identified by its ASCII characterst ringname (32 characters maximum).The AP classification rules have one of the
followingspeci fications:
lSSID of the AP
lSNR of the AP
lDiscovered-AP-Count or the numberof AP s that can see the AP

Understanding SSID specifi cation

Each rulecan have up to 6 SSID parameters. If one or more SSIDs are specified in a rule, an option of whether to
match any of the SSIDs, or to not match all of the SSIDs can be specified. The defaultis to check for a match
operation.

Understanding SNR specificat ion

Each rulecan have only one speci fication of the SNR. A minimum and/or maximum can be specified in each rule
and the specification is in SNR (db).

Understanding Discovered-AP-Count specificat ion

Each rulecan have only one specification of the Di scovered-AP-Count.E ach rulecan specify a minimum or
maximumof t heD iscovered-AP-count. The minimumor maximum operation must be specified if the D iscovered-
AP-count is specified. The defaultsetti ngis t o checkfor the minimum discovered-AP-count.

Sample Rules

If SSID equals xyz AND SNR > 40 then classify AP as suspected-rogue with conf-level-incrementof 20
If SNR > 60 and DISCOVERI NG_APS > 2, then classify AP as suspected-roguewith co nf-levelincrement of 35
If SSID equals ‘XYZ’, thenclassify AP as known-neighbor
Understand ing Rule Matching
A rulemust be enabledbefore it i s matched.A maximum of 32 rules can be created with a maximum of 16 rules
active simultaneously. If a rulematc hes,an A P is classified to:
lSuspected-Rogue—anassociated confidence-level is provided (minimum is 5%)
lNeighbor
The followingmechanism is used for rulematching.
lWhen
all
the conditions specified in the rule evaluateto true,t herule matches.
lIf multiplerules match causing the AP to be classified as a Suspected-Rogue, the confidence level of eachrule is
aggregatedto determine the confidence level of the classification.
DellPowerConnect W- Series ArubaOS 6.2 | UserGuide WirelessIntrusionPr evention |370